package com.zsc.wxm.ysh.anjo.config;

import com.zsc.wxm.ysh.anjo.fitler.TokenAuthFilter;
import com.zsc.wxm.ysh.anjo.fitler.TokenLoginFilter;
import com.zsc.wxm.ysh.anjo.security.DefaultPasswordEncoder;
import com.zsc.wxm.ysh.anjo.security.SecurityLogoutHandler;
import com.zsc.wxm.ysh.anjo.security.UnAuthEntryPoint;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;

import javax.annotation.Resource;

/**
 * 描述：
 *
 * @author playmaker
 * @since 2021/2/6 16:36
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Resource
    private DefaultPasswordEncoder defaultPasswordEncoder;

    @Resource
    private UserDetailsService userDetailsService;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.exceptionHandling()
                .authenticationEntryPoint(new UnAuthEntryPoint())
                .and()
                .csrf()
                .disable()
                .authorizeRequests()
                .anyRequest()
                .authenticated()
                .and()
                .logout()
                .logoutUrl("/logout")
                .addLogoutHandler(new SecurityLogoutHandler())
                .and()
                .addFilter(new TokenLoginFilter(authenticationManager()))
                .addFilter(new TokenAuthFilter(authenticationManager()))
                .httpBasic();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService).passwordEncoder(defaultPasswordEncoder);
    }

    /**
     * 不进行认证的路径，可以直接访问 TODO
     * @param web
     * @throws Exception
     */
    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/v2/api-docs/**","/swagger-resources/**",
                "/webjars/**","/swagger-ui.html","/user/member/register",
                "/statics/**","/pages/**","/user/member/admin-register","/user/member/get-one",
                "/user/member/login-by-phone","/user/member/register","/user/member/user-info",
                "/user/member/get-member-list","/user/member/get-list-by-ids",
                "/house/advertise/get-top-list", "/es/upload-es-data", "/search/**",
                "/house/resources/batch-upload-es", "/house/resources/get-info-by-id/**");
//        web.ignoring().antMatchers("/**");
    }
}
